A credential manager imports credentials for a network slice in response to deployment of the network slice. The credentials are not known to other network slices. A repository is configured to store the credentials and protect the credentials based on credential protection policies that are defined by a service profile of the network slice. The repository is implemented in the credential manager, an authentication, authorization, and accounting (AAA) server, or other location. Properties of the credentials are modified in response to a modification trigger and the credentials are withdrawn in response to a withdrawal trigger.
Legal claims defining the scope of protection, as filed with the USPTO.
3. The apparatus of claim 1, wherein the at least one processor is implemented in a credential manager and wherein the repository is implemented in at least one of the credential manager and an authentication, authorization, and accounting (AAA) server.
4. The apparatus of claim 1, wherein the credentials stored in the repository are protected according to at least one of encryption, access control, storage isolation, and integrity protection policies associated with a Single-Network Slice Selection Assistance Information (S-NSSAI) as defined in the service profile of the network slice.
5. The apparatus of claim 2, wherein the modification trigger comprises at least one of compromising the credentials, loss of the credentials, expiration of the credentials, a change in a security state or environment of the network slice, a change in a regulation or policy.
6. The apparatus of claim 2, wherein the property of the credentials comprises at least one of a value of the credentials, the credential protection policy, usage of the credentials for at least one of authentication and protecting traffic associated with the S-NSSAI, and subscriber authentication flags associated with the S-NSSAI that indicate whether primary or secondary authentication is used.
7. The apparatus of claim 2, wherein the processor is configured to trigger, in response to the modification trigger, modification of at least one of network slice authentication flags, traffic protection options on a network function, and wherein the processor is configured to trigger the modification of the credentials on a user equipment in response to the modification trigger.
8. The apparatus of claim 2, wherein the withdrawal trigger comprises at least one of termination of the network slice, disassociation of the S-NSSAI from the network slice, and disassociation of the tenant from the network slice.
9. The apparatus of claim 2, wherein the processor is configured to trigger, in response to the withdrawal trigger, update of at least one of network slice authentication flags, traffic protection options, and wherein the processor is configured to trigger removal of the credentials from a user equipment in response to the withdrawal trigger.
11. The method of claim 10, wherein the repository is implemented in at least one of a credential manager and an authentication, authorization, and accounting (AAA) server.
12. The method of claim 10, wherein protecting the credentials comprises protecting the credentials according to at least one of encryption, access control, storage isolation, and integrity protection policies associated with a Single-Network Slice Selection Assistance Information (S-NSSAI) defined in the service profile of the network slice.
15. The method of claim 14, wherein the modification trigger comprises at least one of compromising the credentials, loss of the credentials, expiration of the credentials, a change in a security state or environment of the network slice, a change in a regulation or policy.
16. The method of claim 14, wherein the property of the credentials comprises at least one of a value of the credentials, the credential protection policy, usage of the credentials for at least one of authentication and protecting traffic associated with a Single-Network Slice Selection Assistance Information (S-NSSAI) and subscriber authentication flags associated with the S-NSSAI that indicate whether primary or secondary authentication is used.
19. The method of claim 18, wherein the withdrawal trigger comprises at least one of termination of the network slice, disassociation of the S-NSSAI from the network slice, and disassociation of the tenant from the network slice.
June 24, 2019
October 29, 2024